Well that it’s now December with Christmas and New Year’s there are an awful lot of toys going around town. Many of these toys can now be connected to the internet! In a recent New York Times article these newly connected toys which are a part of “The Internet of Things” are operating as spies for malicious threat actors. In the toy connected operational spy tools many of them are toys such as smart watches for kids, a droid from the recent “Star Wars” movie, a girl’s doll companion named “My Friend Cayla” and a new interactive furry toy named “Furby”. The newly bought toys can all be connected to the internet for human computer interaction. As an example, the My Friend Cayla doll can whisper to children in several languages and the plush Furby Connect doll can smile back and laugh when tickled. However, when anything is connected online, it can also be exposed and exploited by malicious hackers. Unfortunately, hackers always look for weaknesses or vulnerabilities in order to gain access to digitally connected devices such as “Internet of Things” (IoT) toys. Once the hackers are able to find the vulnerabilities, which there are several, the hackers are able to use the toys’ cameras and microphones to potentially see and hear whatever the toy sees and hears. As a result, according to Redport IA cybersecurity researchers, the toys can then be turned into little remote spies to track little ones including their home location. These capabilities are quite frightening to consumers. A foreign government has taken these new toy’s capabilities as being very serious, therefore The German Federal Network Agency, the country’s regulatory office equivalent to the U.S. FCC has labeled The My Friend Cayla Doll to be an espionage apparatus and has declared it to be discontinued, as well as being disconnected from the internet. Redport IA’s Director of Cybersecurity Operations,  suggests that the risks are high and greatly involved with toys which are connected to the internet. The risks are determined to be so great that even the F.B.I. has issued a broad warning about such internet connected toys and the potential privacy rights violations of such toys. Thus, parents should pay their most attention on how the newly purchased toy is connected to the internet. If the toy is connected wirelessly using Bluetooth, the device should have a password key. The device should also be able to receive updates from the manufacturer in order to keep the device updated with security patches for secure and private operations. If a parent is truly concerned about the toy they should also research where the data is stored to make sure that it is not exposed and distributed elsewhere. By Dr. Randall SylvertoothSource:https://www.nytimes.com/2017/12/21/technology/connected-toys-hacking.html?rref=collection%2Fsectioncollection%2Ftechnology&action=click&contentCollection=technology&region=rank&module=package&version=highlights&contentPlacement=2&pgtype=sectionfront

For more information about Redport’s information assurance and cyber security services, visit www.redport-ia.com, email us at info@redport-ia.com, like us on Facebook, and follow us on Twitter@redport_ia.

Gaithersburg, MD, USA